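/**
 * Loads an X.509 certificate from a resource resolved with {@code DSSUtils.class.getResourceAsStream(path)}.
 *
 * <p>The certificate must be DER-encoded and may be supplied in binary or printable (Base64) encoding. In the
 * Base64 form it must be bounded at the beginning by {@code -----BEGIN CERTIFICATE-----} and at the end by
 * {@code -----END CERTIFICATE-----}.
 *
 * @param path resource location
 * @return the loaded certificate; the original contract allows {@code null} when the certificate cannot be
 *         loaded, so callers must check the result
 * @throws DSSException when the certificate cannot be loaded
 */
public static X509Certificate loadCertificate(final String path) throws DSSException {

    // getResourceAsStream returns null for a missing resource; that value is passed on unchanged so the
    // stream-based overload keeps deciding how the failure is reported.
    final InputStream inputStream = DSSUtils.class.getResourceAsStream(path);
    try {
        return loadCertificate(inputStream);
    } finally {
        // The stream is opened here, so it is released here, including when parsing throws.
        if (inputStream != null) {
            DSSUtils.closeQuietly(inputStream);
        }
    }
}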
/**
 * Loads an X.509 certificate from a file.
 *
 * <p>The file content is obtained through {@code DSSUtils.toByteArrayInputStream(file)} and parsed by the
 * stream-based overload. The certificate must be DER-encoded, in binary or printable (Base64) encoding; the
 * Base64 form must be bounded by {@code -----BEGIN CERTIFICATE-----} and {@code -----END CERTIFICATE-----}.
 *
 * @param file file holding the certificate
 * @return the loaded certificate; the original contract allows {@code null} when the certificate cannot be
 *         loaded
 * @throws DSSException when the certificate cannot be loaded
 */
public static X509Certificate loadCertificate(final File file) throws DSSException {

    final InputStream fileContent = DSSUtils.toByteArrayInputStream(file);
    return loadCertificate(fileContent);
}
/**
 * Loads an X.509 certificate from a Base64-encoded string.
 *
 * <p>The string is decoded with {@code DSSUtils.base64Decode} and the resulting bytes are parsed by
 * {@code loadCertificate(byte[])}, which rejects a {@code null} array.
 *
 * @param base64Encoded Base64 text of the certificate
 * @return the certificate produced by {@code loadCertificate(byte[])}
 */
public static X509Certificate loadCertificateFromBase64EncodedString(final String base64Encoded) {

    final byte[] decoded = DSSUtils.base64Decode(base64Encoded);
    final X509Certificate certificate = loadCertificate(decoded);
    return certificate;
}
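/**
 * Loads an X.509 certificate from a byte array.
 *
 * <p>The certificate must be DER-encoded and may be supplied in binary or printable (Base64) encoding. In the
 * Base64 form it must be bounded at the beginning by {@code -----BEGIN CERTIFICATE-----} and at the end by
 * {@code -----END CERTIFICATE-----}.
 *
 * @param input array of bytes containing the certificate; must not be {@code null}
 * @return the loaded certificate; the original contract allows {@code null} when the certificate cannot be
 *         loaded
 * @throws DSSException when the certificate cannot be loaded
 */
public static X509Certificate loadCertificate(final byte[] input) throws DSSException {

    if (input == null) {
        // The parameter label used to read "X5009 certificate"; corrected so the error names the right thing.
        throw new DSSNullException(byte[].class, "X509 certificate");
    }
    final ByteArrayInputStream inputStream = new ByteArrayInputStream(input);
    return loadCertificate(inputStream);
}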
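/**
 * Reads every entry of the {@code Certs} array of the given dictionary and adds the parsed certificates to
 * {@code certList}. Nothing is done when the dictionary has no {@code Certs} array.
 *
 * <p>The bytes come from the document being processed, so the certificates collected here are only
 * candidates: nothing in this method establishes that they are trusted. A parsing failure reported as an
 * exception by {@code DSSUtils.loadCertificate} still propagates to the caller.
 *
 * @param dssCatalog dictionary that may hold the {@code Certs} array
 * @throws IOException declared by the original signature
 */
private void readCerts(PdfDict dssCatalog) throws IOException {

    final PdfArray certsArray = dssCatalog.getAsArray("Certs");
    if (certsArray == null) {
        return;
    }
    LOG.debug("There is {} in this certsArray", certsArray.size());
    for (int ii = 0; ii < certsArray.size(); ii++) {

        final byte[] stream = certsArray.getBytes(ii);
        final X509Certificate cert = DSSUtils.loadCertificate(stream);
        if (cert == null) {
            // loadCertificate is documented as possibly returning null; storing that null would only
            // move the failure to whoever iterates certList later.
            LOG.warn("Entry {} of the Certs array did not yield a certificate and is skipped", ii);
            continue;
        }
        certList.add(cert);
    }
}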
/**
 * Loads the LOTL signing certificate from the stream returned by {@code getLotlCertificateInputStream()}.
 *
 * <p>Both failure paths record a message in {@code diagnosticInfo} under {@code lotlUrl} before the
 * exception leaves the method. The stream is always closed.
 *
 * <p>NOTE(review): {@code DSSUtils.loadCertificate} is documented as possibly returning {@code null}; such a
 * result is returned as-is, without a diagnostic entry. Since this certificate is presumably what the LOTL
 * signature is checked against, confirm that the caller rejects {@code null}.
 *
 * @return the certificate read from the configured location
 * @throws DSSException when the {@code lotlCertificate} property is not set, or when loading fails
 */
private X509Certificate readLOTLCertificate() throws DSSException {

    if (lotlCertificate == null) {

        final String msg = "The LOTL signing certificate property must contain a reference to a certificate.";
        diagnosticInfo.put(lotlUrl, msg);
        throw new DSSException(msg);
    }
    InputStream certificateStream = null;
    try {

        certificateStream = getLotlCertificateInputStream();
        return DSSUtils.loadCertificate(certificateStream);
    } catch (DSSException e) {

        // Record why the trusted list cannot be processed, then let the original exception through.
        diagnosticInfo.put(lotlUrl, "Cannot read LOTL signing certificate.");
        throw e;
    } finally {

        DSSUtils.closeQuietly(certificateStream);
    }
}
/**
 * Collects the certificates found under {@code signatureElement} by the given XPath query.
 *
 * <p>Each matched element's text content is Base64-decoded, parsed and registered through
 * {@code addCertificate}. A token is put in the result only once; the XML id of the element where it was
 * first met is stored on the token.
 *
 * <p>The certificates are taken from the signature being read, so this method only gathers candidates and
 * does not establish trust in any of them.
 *
 * @param xPathQuery XPath query selecting the certificate elements
 * @return the distinct certificate tokens, in document order
 */
private List<CertificateToken> getCertificates(final String xPathQuery) {

    final List<CertificateToken> tokens = new ArrayList<CertificateToken>();
    final NodeList matches = DSSXMLUtils.getNodeList(signatureElement, xPathQuery);
    final int count = matches.getLength();
    for (int index = 0; index < count; index++) {

        final Element element = (Element) matches.item(index);
        final X509Certificate certificate = DSSUtils.loadCertificate(DSSUtils.base64Decode(element.getTextContent()));
        final CertificateToken token = addCertificate(certificate);
        if (tokens.contains(token)) {
            // Already collected from an earlier element; its XML id is left untouched.
            continue;
        }
        token.setXmlId(DSSXMLUtils.getIDIdentifier(element));
        tokens.add(token);
    }
    return tokens;
}
return null; final X509Certificate issuerCert = loadCertificate(bytes); if (issuerCert == null) { LOG.error("Unable to read data from {}.", url);
final X509Certificate cert = DSSUtils.loadCertificate(currentDigitalIdentity.getX509Certificate()); if (LOG.isDebugEnabled()) {
/**
 * Copies the signing certificate and its chain from the web-service parameters into the signature
 * parameters. Nothing is set when the request carries no signing certificate bytes.
 *
 * <p>The chain always starts with the signing certificate, flagged {@code true}; the certificates listed in
 * the request follow, each with the flag from {@code isSignedAttribute()}, and duplicates are dropped.
 *
 * <p>NOTE(review): {@code DSSUtils.loadCertificate} is documented as possibly returning {@code null}; the
 * result is passed on unchecked here. The bytes come from the request, so confirm a {@code null} or
 * unexpected certificate is rejected further down.
 *
 * @param wsParameters parameters received by the web service
 * @param params       signature parameters to fill
 */
private void setSigningCertificateAndChain(final WSParameters wsParameters, final SignatureParameters params) {

    final byte[] signingCertBytes = wsParameters.getSigningCertificateBytes();
    if (signingCertBytes != null) {

        final X509Certificate signingCertificate = DSSUtils.loadCertificate(signingCertBytes);
        params.setSigningCertificate(signingCertificate);

        final List<ChainCertificate> chain = new ArrayList<ChainCertificate>();
        chain.add(new ChainCertificate(signingCertificate, true));

        final List<WSChainCertificate> requestedChain = wsParameters.getChainCertificateList();
        final boolean hasRequestedChain = !DSSUtils.isEmpty(requestedChain);
        if (hasRequestedChain) {

            for (final WSChainCertificate requested : requestedChain) {

                final X509Certificate certificate = DSSUtils.loadCertificate(requested.getX509Certificate());
                final ChainCertificate link = new ChainCertificate(certificate, requested.isSignedAttribute());
                if (chain.contains(link)) {
                    continue;
                }
                chain.add(link);
            }
        }
        params.setCertificateChain(chain);
    }
}
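/**
 * Returns the list of certificates representing the digital identity of this service.
 *
 * <p>For each digital id, the X.509 certificate is used when its bytes are present; otherwise the subject
 * name, when present, is converted to an {@code X500Principal}. An entry that fails with a
 * {@code DSSException} is logged and left out, so the returned list can be shorter than the declared
 * identity; the log entry is then the only trace of the dropped entry.
 *
 * @return {@code List} of {@code Object} which can be {@code X509Certificate} or {@code X500Principal}
 */
List<Object> getDigitalIdentity() {

    final List<Object> certs = new ArrayList<Object>();
    for (final DigitalIdentityType digitalIdentity : getServiceDigitalIdentity().getDigitalId()) {

        try {

            final byte[] x509CertificateBytes = digitalIdentity.getX509Certificate();
            if (x509CertificateBytes != null) {

                final X509Certificate x509Certificate = DSSUtils.loadCertificate(x509CertificateBytes);
                certs.add(x509Certificate);
            } else {

                final String x509SubjectName = digitalIdentity.getX509SubjectName();
                if (x509SubjectName != null) {

                    final X500Principal x500Principal = DSSUtils.getX500Principal(x509SubjectName);
                    certs.add(x500Principal);
                }
            }
        } catch (DSSException e) {

            // Deliberately best-effort: the remaining identities are still returned. The exception is
            // logged with its cause so a dropped identity can be diagnosed from the log.
            LOG.warn(e.getLocalizedMessage(), e);
        }
    }
    return certs;
}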
/**
 * Looks among the certificates carried by {@code basicOCSPResp} for one that satisfies {@code isSignedBy}.
 *
 * <p>Each certificate is re-encoded, parsed and registered in the pool with source
 * {@code CertificateSourceType.OCSP_RESPONSE} before it is tested; the search stops at the first match.
 *
 * <p>The candidates are supplied by the response itself. A match therefore shows only what
 * {@code isSignedBy} tests; that the responder is authorised for the certificate being checked (delegation
 * by the issuing CA, OCSP-signing key usage) is not verified in this method and has to be established
 * elsewhere.
 *
 * @param certificatePool pool in which the embedded certificates are registered
 * @return {@code true} when an embedded certificate satisfies {@code isSignedBy}, {@code false} otherwise
 */
private boolean extractSigningCertificateFromResponse(final CertificatePool certificatePool) {

    for (final X509CertificateHolder holder : basicOCSPResp.getCerts()) {

        final X509Certificate candidate = DSSUtils.loadCertificate(DSSUtils.getEncoded(holder));
        final CertificateToken candidateToken = certificatePool.getInstance(candidate, CertificateSourceType.OCSP_RESPONSE);
        if (!isSignedBy(candidateToken)) {
            continue;
        }
        return true;
    }
    return false;
}